Cyber Cops Shut Down Major International Malware Syndicate: Are the Good Guys Finally Winning?

Recently, there have been two major takedowns of criminal malware enterprises. European and North American cyber cops have joined forces to disrupt what may be the world’s largest network for seeding malware infections.

First, the European Union police and judicial agencies Europol and Eurojust announced that investigators took control of the infrastructure behind the botnet known as Emotet. Tripwire describes Emotet as “an extremely advanced and pernicious family of rapidly-spreading malware, with the capability of dropping other malware onto users’ computers.” Emotet is dangerous because once the malware infects your network, hackers have remote access to your infected devices, which means they can not only steal data from you and spy on your activities, but also plant other malware such as ransomware.

This shutdown by European authorities is a huge victory for those trying to stop cyber crime. The CBC quotes Allan Liska, an analyst with Recorded Future: “This is a really big deal. Emotet was one of the largest, if not the largest, botnets delivering a wide variety of malware. Their botnet consisted of hundreds of thousands compromised hosts which were used to send more than 10 million spam and phishing emails a week.”

Second, the FBI has also announced a major arrest in relation to NetWalker, a relatively new ransomware gang accused of amassing tens of millions of dollars. Sebastien Vachon-Desjardins of Gatineau, Quebec, was arrested in the scheme, and the agency said in a statement that cryptocurrency worth $454,000 US in ransomware income was seized. NetWalker ransomware victims include Michigan State University, the Champaign-Urbana Public Health District in Illinois, the College of Nurses of Ontario and the Medical School of the University of California at San Francisco, which paid a $1.1 million US ransom. Part of Vachon-Desjardins’s indictment claims he took part in extorting an unnamed Tampa, FL business. In addition to the arrest of Vachon-Desjardins, authorities in Bulgaria took down a dark web site that NetWalker used to communicate with its victims.

These are both great victories for law enforcement, but how does this affect your business? Unfortunately, even with these arrests, the ransomware threat has not gone away entirely. Jake Williams, president of Rendition Infosec, was quoted by the CBC as saying that, although someone will eventually fill the gap, “there’s no question that this will hurt [ransomware gangs] and help defenders in the short/mid term.” Costin Raiu, research director at the cybersecurity firm Kaspersky, said the Emotet takedown “should impact other cybercriminal groups’ ability to maintain and grow their botnets. It remains to be seen if they will be able to stage a comeback, be it either as Emotet, or perhaps merge with another group and continue from there.”

There is certainly great hope that this will slow down new ransomware threats. However, there are other criminal organizations out there waiting to take their place. With the latest takedown by law enforcement, hopefully any new hacker organizations can be taken down swiftly. In the short term, deploying cyber security is still very important for protecting your business. Uzado is here to help your business with its cyber security needs.